Modify

Opened 8 years ago

Closed 8 years ago

#3516 closed Bug (Fixed)

Specify types of parameters of _Crypt_EncryptData

Reported by: Sponge Jhan Owned by: Jpm
Milestone: 3.3.15.1 Component: Documentation
Version: 3.3.15.0 Severity: None
Keywords: _Crypt_EncryptData Cc:

Description

The input $vData and $vKey of _Crypt_EncryptData must be bytes rather than other types.
However, the documentation in [1] and AutoIt.chm both don't explicitly specify this.
StringEncrypt function in [1] also cannot decrypt encrypted non-ASCII characters correctly, such as Chinese, because it doesn't call StringToBinary in advance.

[1] https://www.autoitscript.com/autoit3/docs/libfunctions/_Crypt_EncryptData.htm

Attachments (0)

Change History (5)

comment:1 follow-up: Changed 8 years ago by Jpm

  • Component changed from Standard UDFs to Documentation

In fact the doc say implicitly that the parameters are variants ($v*) so it is the user responsability to give string or binary.
I understand that for chinease "characters" it seems better to use Binary as the AutoIt strings (UCS2) is not enough to handle all Chinese "characters"

Can you provide a repro script so I can verify what should be done in the doc?

Thanks

comment:2 Changed 8 years ago by jchd18

Sidenote: strings really should be converted to UTF8 before encryption and back from UTF8 after decryption, so that portability is achieved in all use cases (non-codepage chars in plaintext string or different codepages between encryption and decryption machines).

Maybe the doc should mention that and perhaps give a multi-lingual example (e.g. plaintext = "Hello! ជំរាបសួរ! Allô! Привет! 您好!مرحبا! હેલો! שלום! こんにちは!").

comment:3 in reply to: ↑ 1 Changed 8 years ago by Sponge Jhan

Replying to Jpm:

Can you provide a repro script so I can verify what should be done in the doc?

Thanks

Please run the code at the end of this comment.
I do the same as the documentation, encrypting without explicit StringToBinary call and

decrypting with BinaryToString using default encoding.
My machine reports 59/56 for two lengths.
Thanks!

#include <Crypt.au3>
#include <MsgBoxConstants.au3>

$plaintext = "Hello! ជំរាបសួរ! Allô! Привет! 您好!مرحبا! હેલો! שלום! こんにちは!"
$ciphertext = _Crypt_EncryptData($plaintext, "test", $CALG_RC4)
$result = BinaryToString(_Crypt_DecryptData($ciphertext, "test", $CALG_RC4))
MsgBox($MB_OK, "Result", $result & @LF & _

"Length original: " & StringLen($plaintext) & @LF & _
"Length after decryption: " & StringLen($result))

comment:4 Changed 8 years ago by Jpm

Thanks,
I was figuring out your pb.
As thre is no way to be sure that input data can be decrypted if internal conversion is done during encryption. It is the use responsability do do it.
I will chnge the doc to reflect what has to be done.
see the following example to do the right handling

#include <Crypt.au3>
#include <MsgBoxConstants.au3>
#include <StringConstants.au3>

Local $sPlaintext = "Hello! ជំរាបសួរ! Allô! Привет! 您好!مرحبا! હેલો! שלום! こんにちは!"

Local $dPlaintextUTF8 = StringToBinary($sPlaintext, $SB_UTF8) ; Convert to Binary string converting Unicode char as UTF8
;~ $dPlaintextUTF8 = $sPlaintext ; If Uncommented willshow why UTF8 conversion is needed

Local $iAlgorithm = $CALG_3DES
Local $g_hKey = _Crypt_DeriveKey("CryptPassword", $iAlgorithm)

Local $dEncrypted = _Crypt_EncryptData($dPlaintextUTF8, $g_hKey, $CALG_USERKEY) ; Encrypt the text with the new cryptographic key.

Local $dDecrypted = _Crypt_DecryptData($dEncrypted, $g_hKey, $CALG_USERKEY) ; Decrypt the data using the generic password string. The return value is a binary string.

Local $sDecrypted = BinaryToString($dDecrypted, $SB_UTF8) ; Convert the binary string using BinaryToString to display the initial data we encrypted.

If $sPlaintext = $sDecrypted Then
	MsgBox($MB_SYSTEMMODAL, "Decrypted data", $sDecrypted)
Else
	MsgBox($MB_SYSTEMMODAL, "BAD Decrypted data", $sPlaintext & @CRLF & "-->" & @CRLF & $sDecrypted)
EndIf

Version 0, edited 8 years ago by Jpm (next)

comment:5 Changed 8 years ago by Jpm

  • Milestone set to 3.3.15.1
  • Owner set to Jpm
  • Resolution set to Fixed
  • Status changed from new to closed

Fixed by revision [11822] in version: 3.3.15.1

Guidelines for posting comments:

  • You cannot re-open a ticket but you may still leave a comment if you have additional information to add.
  • In-depth discussions should take place on the forum.

For more information see the full version of the ticket guidelines here.

Add Comment

Modify Ticket

Action
as closed The owner will remain Jpm.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.